[openssl-users] Wildcard: how are they correct?
Dustin Albright
dustin.albright04 at gmail.com
Wed Oct 10 06:58:47 UTC 2018
I'm Dustin Albright I see what u r say thing there two listed so that's
old man in back and me inn liven room with Lil Lil man
On Wed, Oct 10, 2018, 2:55 AM Kyle Hamilton <aerowolf at gmail.com> wrote:
> If subjectAltName exists, CN= is not evaluated. All the given
> examples should work. (The only exceptions are validators that
> haven't been current for more than 20 years.) None of the examples is
> correct. CN= should not even be included in the certificate. If it
> is, (d) is the closest to correct, if "hello world" is replaced by
> something meaningful to the identification or naming of the subject.
>
> -Kyle H
> On Tue, Oct 9, 2018 at 11:18 PM Walter H. <walter.h at mathemainzel.info>
> wrote:
> >
> > Hello,
> >
> > which of these possibilities is the correct one?
> >
> > (a) CN=*.example.com
> > and subjectAltName = DNS:*.example.com, DNS:example.com
> >
> > (b) CN=example.com
> > and subjectAltName = DNS:example.com, DNS:*.example.com
> >
> > (c) CN=example.com
> > and subjectAltName = DNS:*.example.com, DNS:example.com
> >
> > (d) CN=hello world
> > and subjectAltName = DNS:example.com, DNS:*.example.com
> >
> > Thanks,
> > Walter
> >
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181010/f107ae43/attachment-0001.html>
More information about the openssl-users
mailing list